onc_certification_g10_test_kit 3.0.0 → 3.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/onc_certification_g10_test_kit/base_token_refresh_group.rb +2 -0
- data/lib/onc_certification_g10_test_kit/bulk_data_group_export_stu2.rb +1 -1
- data/lib/onc_certification_g10_test_kit/export_kick_off_performer.rb +3 -2
- data/lib/onc_certification_g10_test_kit/onc_program_procedure.yml +1501 -658
- data/lib/onc_certification_g10_test_kit/profile_selector.rb +3 -1
- data/lib/onc_certification_g10_test_kit/single_patient_api_group.rb +3 -0
- data/lib/onc_certification_g10_test_kit/single_patient_us_core_4_api_group.rb +3 -0
- data/lib/onc_certification_g10_test_kit/single_patient_us_core_5_api_group.rb +5 -2
- data/lib/onc_certification_g10_test_kit/smart_ehr_patient_launch_group.rb +1 -2
- data/lib/onc_certification_g10_test_kit/smart_ehr_practitioner_app_group.rb +3 -0
- data/lib/onc_certification_g10_test_kit/smart_invalid_token_refresh_test.rb +37 -0
- data/lib/onc_certification_g10_test_kit/smart_standalone_patient_app_group.rb +3 -0
- data/lib/onc_certification_g10_test_kit/version.rb +1 -1
- data/lib/onc_certification_g10_test_kit/visual_inspection_and_attestations_group.rb +36 -0
- data/lib/onc_certification_g10_test_kit/well_known_capabilities_test.rb +1 -1
- metadata +9 -8
@@ -64,7 +64,9 @@ module ONCCertificationG10TestKit
|
|
64
64
|
end
|
65
65
|
end
|
66
66
|
|
67
|
-
|
67
|
+
if observation_contains_code(resource, '9843-4') && suite_options[:us_core_version] != 'us_core_3'
|
68
|
+
return extract_profile('HeadCircumference')
|
69
|
+
end
|
68
70
|
|
69
71
|
# FHIR Vital Signs profiles: https://www.hl7.org/fhir/observation-vitalsigns.html
|
70
72
|
# Vital Signs Panel, Oxygen Saturation are not required by USCDI
|
@@ -6,7 +6,7 @@ module ONCCertificationG10TestKit
|
|
6
6
|
For each of the relevant USCDI data elements provided in the
|
7
7
|
CapabilityStatement, this test executes the [required supported
|
8
8
|
searches](http://hl7.org/fhir/us/core/STU4/CapabilityStatement-us-core-server.html)
|
9
|
-
as defined by the US Core Implementation Guide
|
9
|
+
as defined by the US Core Implementation Guide v5.0.1.
|
10
10
|
|
11
11
|
The test begins by searching by one or more patients, with the expectation
|
12
12
|
that the Bearer token provided to the test grants access to all USCDI
|
@@ -14,7 +14,7 @@ module ONCCertificationG10TestKit
|
|
14
14
|
queries and checks that the results are consistent with the provided
|
15
15
|
search parameters. It then performs a read on each Resource returned and
|
16
16
|
validates the response against the relevant
|
17
|
-
[profile](http://hl7.org/fhir/us/core/
|
17
|
+
[profile](http://hl7.org/fhir/us/core/STU5.0.1/profiles-and-extensions.html)
|
18
18
|
as currently defined in the US Core Implementation Guide.
|
19
19
|
|
20
20
|
All MUST SUPPORT elements must be seen before the test can pass, as well
|
@@ -79,6 +79,9 @@ module ONCCertificationG10TestKit
|
|
79
79
|
|
80
80
|
USCoreTestKit::USCoreV501::USCoreTestSuite.groups.each do |group|
|
81
81
|
test_group = group.ancestors[1]
|
82
|
+
|
83
|
+
next if test_group.optional?
|
84
|
+
|
82
85
|
id = test_group.id
|
83
86
|
|
84
87
|
group_config = {}
|
@@ -1,4 +1,5 @@
|
|
1
1
|
require_relative 'base_token_refresh_group'
|
2
|
+
require_relative 'smart_invalid_token_refresh_test'
|
2
3
|
require_relative 'smart_scopes_test'
|
3
4
|
require_relative 'unauthorized_access_test'
|
4
5
|
require_relative 'well_known_capabilities_test'
|
@@ -399,6 +400,8 @@ module ONCCertificationG10TestKit
|
|
399
400
|
)
|
400
401
|
uses_request :token_refresh
|
401
402
|
end
|
403
|
+
|
404
|
+
test from: :g10_invalid_token_refresh
|
402
405
|
end
|
403
406
|
|
404
407
|
test do
|
@@ -0,0 +1,37 @@
|
|
1
|
+
module ONCCertificationG10TestKit
|
2
|
+
class SMARTInvalidTokenRefreshTest < Inferno::Test
|
3
|
+
id :g10_invalid_token_refresh
|
4
|
+
title 'Refresh token exchange fails when supplied an invalid refresh token'
|
5
|
+
description %(
|
6
|
+
If the request failed verification or is invalid, the authorization server
|
7
|
+
returns an error response.
|
8
|
+
|
9
|
+
[OAuth 2.0 RFC (6749)](https://www.rfc-editor.org/rfc/rfc6749#section-6)
|
10
|
+
)
|
11
|
+
input :refresh_token, :smart_token_url, :client_id, :received_scopes
|
12
|
+
input :client_secret, optional: true
|
13
|
+
|
14
|
+
run do
|
15
|
+
skip_if refresh_token.blank?, 'No refresh token was received'
|
16
|
+
|
17
|
+
oauth2_params = {
|
18
|
+
'grant_type' => 'refresh_token',
|
19
|
+
'refresh_token' => SecureRandom.uuid
|
20
|
+
}
|
21
|
+
oauth2_headers = { 'Content-Type' => 'application/x-www-form-urlencoded' }
|
22
|
+
|
23
|
+
oauth2_params['scope'] = received_scopes if config.options[:include_scopes]
|
24
|
+
|
25
|
+
if client_secret.present?
|
26
|
+
credentials = Base64.strict_encode64("#{client_id}:#{client_secret}")
|
27
|
+
oauth2_headers['Authorization'] = "Basic #{credentials}"
|
28
|
+
else
|
29
|
+
oauth2_params['client_id'] = client_id
|
30
|
+
end
|
31
|
+
|
32
|
+
post(smart_token_url, body: oauth2_params, headers: oauth2_headers)
|
33
|
+
|
34
|
+
assert_response_status([400, 401])
|
35
|
+
end
|
36
|
+
end
|
37
|
+
end
|
@@ -1,5 +1,6 @@
|
|
1
1
|
require_relative 'base_token_refresh_group'
|
2
2
|
require_relative 'patient_context_test'
|
3
|
+
require_relative 'smart_invalid_token_refresh_test'
|
3
4
|
require_relative 'smart_scopes_test'
|
4
5
|
require_relative 'unauthorized_access_test'
|
5
6
|
require_relative 'unrestricted_resource_type_access_group'
|
@@ -322,6 +323,8 @@ module ONCCertificationG10TestKit
|
|
322
323
|
)
|
323
324
|
uses_request :token_refresh
|
324
325
|
end
|
326
|
+
|
327
|
+
test from: :g10_invalid_token_refresh
|
325
328
|
end
|
326
329
|
|
327
330
|
group from: :g10_unrestricted_resource_type_access,
|
@@ -486,5 +486,41 @@ module ONCCertificationG10TestKit
|
|
486
486
|
pass native_refresh_notes if native_refresh_notes.present?
|
487
487
|
end
|
488
488
|
end
|
489
|
+
|
490
|
+
test do
|
491
|
+
title 'Health IT developer demonstrates the public location of its base URLs'
|
492
|
+
description %(
|
493
|
+
To fulfill the API Maintenance of Certification requirement at §
|
494
|
+
170.404(b)(2), the health IT developer demonstrates the public location
|
495
|
+
of its certified API technology service base URLs.
|
496
|
+
)
|
497
|
+
id :g10_public_url_attestation
|
498
|
+
input :public_url_attestation,
|
499
|
+
title: 'Health IT developer demonstrates the public location of its certified API technology service base URLs', # rubocop:disable Layout/LineLength
|
500
|
+
type: 'radio',
|
501
|
+
default: 'false',
|
502
|
+
options: {
|
503
|
+
list_options: [
|
504
|
+
{
|
505
|
+
label: 'Yes',
|
506
|
+
value: 'true'
|
507
|
+
},
|
508
|
+
{
|
509
|
+
label: 'No',
|
510
|
+
value: 'false'
|
511
|
+
}
|
512
|
+
]
|
513
|
+
}
|
514
|
+
input :public_url_attestation_notes,
|
515
|
+
title: 'Notes, if applicable:',
|
516
|
+
type: 'textarea',
|
517
|
+
optional: true
|
518
|
+
|
519
|
+
run do
|
520
|
+
assert public_url_attestation == 'true',
|
521
|
+
'Health IT developer did not demonstrate the public location of its certified API technology service base URLs.' # rubocop:disable Layout/LineLength
|
522
|
+
pass public_url_attestation_notes if public_url_attestation_notes.present?
|
523
|
+
end
|
524
|
+
end
|
489
525
|
end
|
490
526
|
end
|
@@ -22,7 +22,7 @@ module ONCCertificationG10TestKit
|
|
22
22
|
required_capabilities = config.options[:required_capabilities] || []
|
23
23
|
|
24
24
|
if suite_options[:us_core_version] == 'us_core_5' && required_capabilities.include?('launch-ehr')
|
25
|
-
required_capabilities
|
25
|
+
required_capabilities += ['context-ehr-encounter']
|
26
26
|
end
|
27
27
|
|
28
28
|
missing_capabilities = required_capabilities - capabilities
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: onc_certification_g10_test_kit
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 3.
|
4
|
+
version: 3.1.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Stephen MacVicar
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2022-
|
11
|
+
date: 2022-09-13 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bloomer
|
@@ -44,14 +44,14 @@ dependencies:
|
|
44
44
|
requirements:
|
45
45
|
- - ">="
|
46
46
|
- !ruby/object:Gem::Version
|
47
|
-
version: 0.3.
|
47
|
+
version: 0.3.11
|
48
48
|
type: :runtime
|
49
49
|
prerelease: false
|
50
50
|
version_requirements: !ruby/object:Gem::Requirement
|
51
51
|
requirements:
|
52
52
|
- - ">="
|
53
53
|
- !ruby/object:Gem::Version
|
54
|
-
version: 0.3.
|
54
|
+
version: 0.3.11
|
55
55
|
- !ruby/object:Gem::Dependency
|
56
56
|
name: json-jwt
|
57
57
|
requirement: !ruby/object:Gem::Requirement
|
@@ -114,14 +114,14 @@ dependencies:
|
|
114
114
|
requirements:
|
115
115
|
- - '='
|
116
116
|
- !ruby/object:Gem::Version
|
117
|
-
version: 0.1.
|
117
|
+
version: 0.1.7
|
118
118
|
type: :runtime
|
119
119
|
prerelease: false
|
120
120
|
version_requirements: !ruby/object:Gem::Requirement
|
121
121
|
requirements:
|
122
122
|
- - '='
|
123
123
|
- !ruby/object:Gem::Version
|
124
|
-
version: 0.1.
|
124
|
+
version: 0.1.7
|
125
125
|
- !ruby/object:Gem::Dependency
|
126
126
|
name: tls_test_kit
|
127
127
|
requirement: !ruby/object:Gem::Requirement
|
@@ -142,14 +142,14 @@ dependencies:
|
|
142
142
|
requirements:
|
143
143
|
- - '='
|
144
144
|
- !ruby/object:Gem::Version
|
145
|
-
version: 0.3.
|
145
|
+
version: 0.3.1
|
146
146
|
type: :runtime
|
147
147
|
prerelease: false
|
148
148
|
version_requirements: !ruby/object:Gem::Requirement
|
149
149
|
requirements:
|
150
150
|
- - '='
|
151
151
|
- !ruby/object:Gem::Version
|
152
|
-
version: 0.3.
|
152
|
+
version: 0.3.1
|
153
153
|
- !ruby/object:Gem::Dependency
|
154
154
|
name: database_cleaner-sequel
|
155
155
|
requirement: !ruby/object:Gem::Requirement
|
@@ -284,6 +284,7 @@ files:
|
|
284
284
|
- lib/onc_certification_g10_test_kit/smart_invalid_pkce_group.rb
|
285
285
|
- lib/onc_certification_g10_test_kit/smart_invalid_token_group.rb
|
286
286
|
- lib/onc_certification_g10_test_kit/smart_invalid_token_group_stu2.rb
|
287
|
+
- lib/onc_certification_g10_test_kit/smart_invalid_token_refresh_test.rb
|
287
288
|
- lib/onc_certification_g10_test_kit/smart_limited_app_group.rb
|
288
289
|
- lib/onc_certification_g10_test_kit/smart_public_standalone_launch_group.rb
|
289
290
|
- lib/onc_certification_g10_test_kit/smart_public_standalone_launch_group_stu2.rb
|